WordPress Black Friday & Cyber Monday Deals 2021
Days
Hours
Minutes
Seconds

Secure Your WordPress Site, Lock Stock and Barrel

There is no point in having an array of locks at your disposal, if you do not use them, or don’t know how to use them to safeguard your property. In the case of information, especially your private information, a heavy duty lock is what you need at all times. To protect, in this case, a repository of valuable information, it is important to have a good lock and ensure that it is fixed strongly to the door.

There is no point in having an array of locks at your disposal, if you do not use them, or don’t know how to use them to safeguard your property. In the case of information, especially your private information, a heavy duty lock is what you need at all times. To protect, in this case, a repository of valuable information, it is important to have a good lock and ensure that it is fixed strongly to the door. Likewise, a website is only as strong as the password and login page. And that is in your hands, to a large extent.

To help protect your website, there are two basic requirements: (i) safeguard your password; and (ii) secure the login screen. There are a plethora of plugins that are helpful in this endeavour. Login LockDown is one such plugin; it blocks users who attempt to guess the password to your website. Another such app is the Google Authenticator which reduces the chance of a security breach even further. The most common method of ensuring the safety of the login screen is with the use of Captcha.

Login LockDown

Login Lockdown registers every failed login attempt and the corresponding IP address. After three attempts, it blocks all further login attempts from said IP for an hour. These are the default settings, and the time and number of attempts may be altered to suit your specific requirements. It is a good tool in preventing unauthorised access by someone close to you, who may be able to guess the password.

1 2

While this plugin is ideal for securing the safety of your WordPress site, it is not advisable for people who tend to forget passwords. After you login successfully, you can unblock the blocked IPs from the Dashboard.

With this plugin, you can easily find out the IP address that launched the unsuccessful login attempts on your site; and possibly even trace the IP address to the source. But the user must beware: the plugin may malfunction if other plugins interfere with its working.

You can download the plugin here 

Google Authenticator

For smartphone savvy people, who require seamless connectivity to their WordPress sites the Google Authenticator is the ideal plugin for additional safety.  Once you setup the plugin, you need to install the Google Authenticator app which is available for smartphones such as Android, Blackberry and iOS-based devices. The app works in conjunction with the plugin to make your login process much more secure.

3 4

Normally, passwords can be cracked by means of brute force attack. If you use Google Authenticator then it renders the possibility of password compromise moot. When a person breaks into your account with the password, the screen asks for the Google Authenticator password. This password is available only to you provided you have the app installed on your smartphone.

Even if a hacker figures out your username and password, it will be nearly impossible to determine the unique code provided by the Google Authenticator as you will be the only person who has access to the code. Not only that, the code is time-bound and expires in a short interval of time. That’s why it is nearly impossible to access a WordPress website that has been adequately protected by plugins such Google Authenticator.

One disadvantage of the Google Authenticator is that it necessitates the use of a smartphone in conjunction with a computer system. It cannot be used independently.

You can download the plugin here

Captcha

Captcha is one the most simple and most effective ways to improve the security of a site. More than one plugin on WordPress uses Captcha to protect the site from spam and bot attacks. The use of Captcha eliminates the possibility of brute force attack, in the process greatly decreasing the likelihood of falling to cyber-attacks.

Different types of Captcha

Normal Captcha is available in WordPress, this plugin can be applied to the login page, reset password screen and comment forms.

You can find it here

5

There are also other types including SI Captcha that specialises in prevention of spamming by automated bots, Sweet Captcha that adds colour to your site. There is an Invisible Captcha plugin that prioritizes the protection of comments from spam. For users who require puzzle and intrigue in their Captcha, there is Enmask Captcha.

6 7

Finally, just remember…

Plugins may well save the day for you, but there is no substitute for a strong password that comprises of dual case characters, numbers and special characters in no specific order.  Should your site ever get compromised, the first course of action is to use the ”forgot password” option, login with the new password and change it immediately.

Be prepared! Be safe!

If you enjoyed this post, make sure to subscribe to WP Mayor’s RSS feed.

Alyona Galea
Alyona Galea
Alyona is a WordPress enthusiast, focused on sharing interesting things she comes across during her work with this great CMS. She loves exploring new destinations and maintains a travel blog at www.alyonatravels.com

Consider sharing this post so others can find it:

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on telegram
Share on whatsapp
Share on pocket
Share on email

Join thousands of people receiving real-world, genuine evaluations of WordPress products and services just like this one every week.

Our Sponsors
Solid Affiliate
Contents

One Response

  1. I’m using SI Captcha. It saved me a lot from bruteforce attack. But these peoples keep coming again and again even if they’re in the blocked list.

Leave a Reply

Your email address will not be published. Required fields are marked *

The Beginner’s Handbook
From an introduction on how WordPress works to our recommendations on products and services.
👋 Hey there! We're Gaby and Mark
Every week we share tutorials and genuine reviews of WordPress products and services in our newsletter.
Thousands of people read it!
We’d love for you to join.
We’d love for you to join. Here’s what you’ll be getting:

A single weekly email directly to your inbox.